UK’s Seven Main Banks Targeted by Co-ordinated Cyber Attack

A major cyber attack that targeted UK’s seven main banks last year forced them to scale back their operations or shut down entire systems, according to National Crime Agency (NCA).

The banks involved are HSBC, Barclays Royal Bank of Scotland and Tesco Bank, RBS, Lloyds, Clydesdale and Yorkshire Banking Group.

An international police investigation launched to into the attack recently led to the shutdown of Webstresser.org, a website used to launch attacks DDOS (distributed denial of service) on banks and other financial institutions.

DDOS attack is a subclass of Denial of service (DOS) attack in which multiple compromised systems are used to launch a cyber attack.

Comprised of UK National Crime Agency (NCA), Dutch National Police, Europol and law enforcement agencies from 11 other countries, the investigation team also arrested the owners of the website.

According to Europol, ‘measures’ were also taken against website’s users in Hong Kong, Canada, Australia, the UK, Netherlands, Spain, Croatia and Italy.

Webstresser is considered as world’s largest DDoS marketplace that is believed to have been used in around four million cyber attacks

Webstresser, which had more than 136,000 registered users, is considered as world’s largest DDoS marketplace that is believed to have been used in around four million cyber attacks.

In January last year, a major DDOS assault on Lloyds Banking Group kept suspended its digital services for 48 hours, leaving hundreds of customers temporarily unable to use its services such as sending and receiving the payments.

The NCA officials believe an assailant, linked to an address in Bradford, Yorkshire, used Webstresser to launch a series of attacks against UK’s major banks in November last year. The address was searched as part of agency’s investigation.

As a result of the attack, the several banks were forced to reduce their operations while some others had to shut down entire systems.

Cyber security experts have applauded the seizure of Webstresser but said the move is unlikely to make a major impact on the volume of attacks faced by banks other big organizations.